UX Theme: Managing security & code quality results in the MR
UX Theme
Managing security & code quality results in the MR
Beneficiary
- Persona: Software developer
- Persona: Security Analyst
- Application security teams
Need & JTBD
Need:
- Understand if an MR is blocked, why, and what needs to be done to unblock it
- Collaborate with counterparts to resolve MR blockers
JTBD: (primary job)
- When I'm making changes, I want to deliver secure and performant code, so I can ensure the integrity of my organization's software is not compromised
Supporting jobs
- As an Author...
  - I need to know what is blocking the MR before I send my changes off to review
  - I need to know why something is blocking the MR and what I need to do to unblock it
  - I need to ask for help when I cannot resolve an issue with an item blocking the MR
  - I need to see the blocking items in the context of my code so I can address them with as little friction as possible
- As a Reviewer...
  - I need to know what is blocking the MR before I approve the MR
  - I need to start a review on items that are blocking an MR and were not addressed
  - I need to see the blocking items in the context of the code so I can better understand them
- As a Security expert...
  - I need to know why I was asked to approve/review an MR
  - I need to dive deep into the security results of business-critical applications
  - I need to see the blocking items in the context of the code so I can better understand them
  - I need to unblock the MR and accept the risk of true positives that can be resolved after the branch is merged
  - I need to unblock the MR and verify any false positives that may be blocking the MR
  - I need to create/modify/tune existing risk-acceptance policies when I find that a newly detected vuln should not block the MR
Business objective
Increase engagement by making the experience efficient while reducing the chances of users overlooking high-priority items.
Confidence
Confidence | Research |
---|---|
Medium / high | • Scope the problem area - Mural • Understand usability problems, and user challenges, needs, outcomes - Mural and Parallel research issue • Analyze top competitors in the space - Mural - Issue link |
Subthemes
Feature/solution subthemes
Opportunity | Issue link | UX Weight | Workflow status |
---|---|---|---|
Title | Issue link | 0 - 10 | ~workflow:: |
Title | Issue link | 0 - 10 | ~workflow:: |
Research subthemes
Opportunity | Issue link | Research type |
---|---|---|
Title | Issue link | solution validation |
Title | Issue link | survey |